Anti-Virus Settings
Anti-Virus Configuration
Anti-Virus can be enabled/disabled and configured in the Policy.
Anti-Virus is an add-on that requires a license that is not included with the Deploy Faronics license. See Setup User Profile and Organization Setting.
Enabling Anti-Virus
To Enable Anti-Virus, you need to create a Windows Policy as follows:
1. Select the Control Grid tab on the top menu bar.
2. Navigate to the Policies tab.
3. Click the CREATE NEW POLICY drop-down menu.
4. Select WINDOWS POLICY from the menu.
5. Enter a name for your new Policy.
You can configure other settings here, but we will skip straight to the Anti-Virus configuration for this example. See Create a Windows Policy for further information.
6. Select Anti-Virus from the left-hand side menu.
7. Click the ENABLE ANTI-VIRUS button.
Configuring Anti-Virus
Once enabled, the Anti-Virus settings need configuring: Active Protection, Default Action for Cleanup Actions, Scan Schedules, Scan Options, Advanced Options, Scan Exception, USB Devices, and Remove Anti-Virus.
Anti-Virus Settings Descriptions
Anti-Virus Settings | Options | Description |
Enable Active Protection |
| Activate real-time protection for all computers using this Policy. Note: Make sure there is no real-time protection software is running on the computers. This includes third-party anti-virus applications. |
| Allow user to switch off Active Protection | The user can disable the active protection. |
| Show Active Protection Alert | Display the active protection alert when a real-time scan issue occurs. |
1. Click Enable Active Protection to enable/disable it depending on your preference.
2. Click Allow user to switch off Active Protection to enable/disable it depending on your preference.
3. Click Show Active Protection Alert to enable/disable it depending on your preference.
If this is the only setting you are configuring, click SAVE, otherwise, proceed to the next settings.
Configuring Cleanup Action
Next, you will need to configure the Cleanup Actions for your Policy.
Cleanup Action Descriptions
Cleanup Action | Options | Description |
Default Action for Infected Files | Clean/Quarantine | When a threat is detected, attempt to disinfect the file and quarantine if unsuccessful. |
| Clean/Delete | When a threat is detected, attempt to disinfect the file and delete it if unsuccessful. |
Delete items from Quarantine older than | number of days | Enter the number of days after which to delete files from quarantine, between 1 and 365. |
4. Click Cleanup Action to expand the options.
5. Either select the Clean/Quarantine or Clean/Delete option depending on your preference.
6. Click the Delete items from quarantine that are older than X days to enable/disable it.
7. If you enabled the Delete items from quarantine option in the previous step, enter the number of days after which quarantined files can be deleted (between 1 and 365).
If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.
Configuring Scan Schedule
Next, you will need to configure the Scan Schedule for your Policy.
Scan Schedule Descriptions
Enable/Disable the Quick Scan and Deep Scans here. he schedule can also be edited, configuring the Start time, Stopping when the scan is complete (or at a specified time), days of the week to run the scan. To configure a scan schedule, select the edit option to the right of it.
Scan Schedule Settings | Options | Description |
Enable | Disable by unchecking. | Check the box to enable the Scan Configuration. |
Start |
| Time at which the scheduled scan will begin. |
Stop | When scan is complete. | Allow the scan to finish completely. |
| At specified time. | Stop the scan at a specific time. |
Days of the week |
| Set the days of the week for the scan to run. |
8. Click Scan Schedule to expand the options, then click Edit next to the Quick Scan.
9. Enable or disable the Quick Scan by clicking the box.
10. Either choose to stop the scan when its complete or enter a time for the scan to stop.
11. Select the days to run the virus scan on.
12. Click UPDATE to save your changes
13. OR click CANCEL to forget all changes made and return to the previous screen.
Repeat these steps for the Deep Scan.
If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.
Configuring Scan Options
Next, you will need to configure your scan options as follows:
Scan Options Descriptions
Scan Options | Options | Description |
Randomize schedule scan start time by (2) minutes |
| Set the number of minutes by which to randomly change the virus scan start time. Default is set to 2 minutes. |
If scan is missed | Do not perform quick scan. | Skip the quick scan. |
| Perform quick scan approximately (5) minutes after start-up. | Start the quick scan at the specified interval after starting up the computer. Default is set to 5 minutes. |
| Prompt user to perform quick scan. | Alert the user that the scan was missed and suggest performing the scan now. |
14. Click Scan Options to expand the options.
15. Enter a number of minutes to randomize the scheduled start time; the default setting is 2.
16. Choose how to respond to a missed scan; either don't perform a scan, perform a quick scan after x minutes after startup, or prompt user to perform a quick scan.
If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.
Configuring Advanced Options
Next, configure the Advanced Options for the Anti-Virus in your Policy:
Advanced Options Descriptions
Advanced Options | Description |
Enable rootkit detection | Detect malware toolkits (rootkits) when scanning. Available for Deep System and Custom configuration only. Deep system scan is enabled by default. |
Scan Inside of archives | Scan the contents of archive files (e.g., .zip .tar files). Available for Deep System and Custom configuration only, file size limit can be set, default is 100MB. |
Exclude removable drives | Don't scan external hard drives in the scan. Only available for Deep System scans. |
Scan registry | Include the registry of the system in the scan. Available for Quick, Deep System, and Custom scans. Quick and Deep system scans are enabled by default. |
Scan running processes | Include processes that are running in the scan. Available for Quick, Deep, and Custom scans. Quick and Deep system scans are enabled by default. |
17. Click Advanced Options to expand the options.
18. Select the Deep System Scan options (Default are Enable RootKit and Scan Inside Archives, Scan Registry and Scan Running Processes are mandatory).
19. Select the Custom Anti-Virus scan advanced options (default sets a file size limit to 100 MB).
If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.
Configuring Scan Exceptions
Next, you can add a file or folder that is known to be safe to the exceptions list. This will prevent the virus scanner from scanning the file/folder.
Scan Exception
Specify the files or folders that are known to be safe. By adding the files or folders, Faronics anti-virus will not report the files as malicious or infected. The list displays the items that will not be reported as a virus.
20. Click Scan Exceptions to expand the options.
21. Click the + button.
22. Select either File by full path or Entire Folder from the drop-down list.
23. Click BROWSE to locate your file or folder.
24. Click OK to add the exception.
If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.
Configuring USB Devices
Next, you can configure how to handle USB drives when they get inserted.
USB Devices Options Descriptions
USB Devices | Options | Description |
Scan USB drives Upon Insertion | Interrupt active scan for USB scan (please note the interrupted scan will not resume). | Stop a scan that is being performed when a USB drive gets inserted into a machine. |
| Do not perform a scan if another scan is in progress (the USB device will not be scanned automatically and must be scanned manually once the ongoing scan is complete). | Don't interrupt a scan if one is already running regardless if a USB drive gets inserted. |
| Suppress USB scan in progress dialogue | Enable/Disable this to hide or include USB scan in the progress dialogue. |
25. Click USB Devices to expand the options.
26. Enable/Disable Scan USB drives Upon Insertion (default is enabled).
27. If Scan USB drives is enabled, choose how to handle it either interrupt active scan for USB scan or Do not perform a scan if another scan is in progress.
28. If Scan USB drives is enabled, enable/disable the Suppress USB scan in progress dialogue.
If you don't wish to configure any other settings, click SAVE; otherwise, proceed to the next settings.
Remove Anti-Virus
The final option is to Remove Anti-Virus from all computers on this Policy; only enable this if you wish to remove the anti-virus software from the computers that use this Policy.
The new Policy's Anti-Virus has been configured. If this is the only or final setting you are configuring, click SAVE; otherwise, proceed to the next settings (Firewall Settings).
Once saved, to make any changes to this configuration, navigate to the Policies tab, then locate the Policy by name in the grid, select it and click the EDIT POLICY button on the top menu bar.
Last updated
